Best case or worst case, the Heartbleed bug was/is a big issue. But it turns out only about 40% of people have done anything to protect themselves, according to new research by Netcraft and Software Advice.
Software Advice surveyed 3,000 people in the US and discovered that two–thirds had done nothing to protect their accounts. No new passwords. No stepped up tracking. As widespread as we all though Heartbleed was, Software Advice reports that only half of the survey population had even heard about Heartbleed, with the millenials, aged 18-24, knowing the least. I guess it wasn’t highlighted on BuzzFeed.
Also out last week, Netcraft, a UK based Internet security firm found that 57% of sites affected by Heartbleed have taken any actions to plug the security holes. They did not update to a new version of OpenSSL or revoke and reissue certificates of authentication.
Many sites took partial action, but either missed a few steps — or did the wrong things. Netcraft beleives that only 14 percent of all sites affected by Heartbleed have done everything they need to do to fix the vulnerability: Replaced their certificates, revoked the old ones and used a new set of cryptographic keys to generate new ones. Shockingly, only five percent of sites have issued new certificates generated with their old keys.
If you run a site, or if you use the Internet (and who doesn’t), take action now. Identity theft is a painful experience that can take years to purge and resolve.
Subscribe for free and get the latest news, updates, tips & money-making secrets.